The token script API
Negotiator
The name "Negotiator" is named after TokenNegotiation, introduction here: http://tokenscript.org/intros/token-negotiation.html
There are concerns that the new users wouldn't get a straight understanding of what it is, and an alternative name is being searched for.
Authenticator
There are 3 paradigms:
Utilty model
The Authenticator is a utility class which, given a token, produces a proof, which can be used in a challenge-response authentication or attached to a transaction to prove that it's sent from a valid token holder.
In case of Devcon Ticket:
const useTicketProof = Authenticator.generateAuthenticationBlob(selectedTicket);
This resulting proof can be used for authentication or creation of a transaction.
When authenticating:
// getting a challenge
const challenge = fetch(…)…
// sign a challenge contain
const msg = '{challenge: "' + challenge + '", proof: "' + atob(useTicketProof) + '"}'
const signedMsg = web3.eth.account.signMessage(msg)
// send the challenge back to the server
fetch(URL, {method: post, body: signedMsg;}).…
// get server greenlight, fetch privileged content
…
Sending Tx
In the creation of a transaction
transactionPayload = [candidate_id, useTicketProof]
vote = Contract.ABI('vote');
transaction = vote.call({gas: 2111, from: 0x8308402; to: 0x89038038 });
web3.tx.send…
Disney model
Sending Tx
It works like magic, generating, sending transactions and attaching proof in one go:
// say the user have a ticket and he intends to vote for Number Six
// send a transaction to vote, which have the ticket proof in the payload
selectTicket.vote(6).send().then(…)
// the reason it could work is because the ticket is a token object
// which, through tokenscript, we already know what are the contracts responsible
// for each action you can do, such as send(), so by the time the developer calls
// send(), the corrisponding contract is instantiated in lazy fashion, and
// the call is assembled, which knows how to convert a set of Webster's params
// into another set of transaction payloads
Authenticating for a server
(Draft missing)
Hybrid
// smart contract function prototype is defined by Webster
// contract function prototype, including:
const contractPrototype = "function vote(int candidate_id, bytes ticket_proof)
function…"
const contractInstance = new Contract(contractProtype, atAddress)
// we always assume the proof is the last parameter so "params" should have one element short
// of the voteCall
Authenticator.sendTx(contractInstance, 'vote', params);